PT-2023-15530 · Secvisogram · Csaf-Validator-Service

Damian Pfammatter · Published 2023-03-27 · Updated 2024-02-15 · CVE-2022-47925

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Secvisogram csaf-validator-service versions prior to 0.1.0

Description: The issue stems from insufficient input validation of requests sent by an unauthenticated remote user, which can lead to a partial Denial of Service (DoS) of the service. Specifically, the validate JSON endpoint processes tests with unexpected names. Only the attacker's own request is affected.

Recommendations: For versions prior to 0.1.0, update to version 0.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the validate JSON endpoint to minimize the risk of exploitation.
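An added illustration (not code from csaf-validator-service or its fix) of the failure mode the description names and the check that prevents it: the test registry, the test names and the request body shape below are assumptions, and the sample request is constructed.

```javascript
// Assumed shapes (not the project's real API): a registry keyed by test name,
// and a request body of the form { tests: [{ name }], document }.
const testRegistry = {
  // Constructed stand-in tests: each returns a list of error messages.
  mandatoryTest_noTitle: (doc) =>
    doc && doc.document && doc.document.title ? [] : ['missing /document/title'],
  optionalTest_tracking: (doc) =>
    doc && doc.document && doc.document.tracking ? [] : ['missing /document/tracking'],
};

// Naive dispatch: looks the test up and calls it unconditionally. An unknown
// name resolves to undefined and throws a TypeError inside the handler, and an
// inherited key such as "constructor" resolves to Object, which was never a test.
function runTestsNaive(body) {
  return body.tests.map((t) => ({
    name: t.name,
    errors: testRegistry[t.name](body.document),
  }));
}

function isKnownTest(t) {
  return Boolean(t) && typeof t.name === 'string' &&
    Object.prototype.hasOwnProperty.call(testRegistry, t.name);
}

// Hardened dispatch: check the request shape and every test name against the
// registry's own keys before running anything, and answer unknown names with a
// client error instead of letting the handler throw.
function runTestsChecked(body) {
  if (!body || typeof body !== 'object' || !Array.isArray(body.tests)) {
    return { status: 400, error: 'tests must be an array' };
  }
  const unknown = body.tests.filter((t) => !isKnownTest(t)).map((t) => String(t && t.name));
  if (unknown.length > 0) {
    return { status: 400, error: `unknown tests: ${unknown.join(', ')}` };
  }
  const results = body.tests.map((t) => ({
    name: t.name,
    errors: testRegistry[t.name](body.document),
  }));
  return { status: 200, results };
}

// Constructed request mixing one known and one unknown test name.
const constructedRequest = {
  tests: [{ name: 'mandatoryTest_noTitle' }, { name: 'does_not_exist' }],
  document: { document: { title: 'Example advisory' } },
};
```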

Fix

RCE

Weakness Enumeration

Related Identifiers: CVE-2022-47925

Affected Products: Csaf-Validator-Service